On 09/06/2017 09:10 PM, Sumit Garg wrote: >> -----Original Message----- >> From: York Sun >> Sent: Wednesday, September 06, 2017 9:47 PM >> To: Sumit Garg <[email protected]>; [email protected] >> Cc: Ruchika Gupta <[email protected]>; Prabhakar Kushwaha >> <[email protected]>; [email protected] >> Subject: Re: [Patch v2] configs: SECURE_BOOT: Enable >> CONFIG_CMD_EXT4_WRITE >> >> On 08/25/2017 03:03 AM, Sumit Garg wrote: >>> As part of chain of trust with confidentiality along with distro boot, >>> linux kernel image needs to be stored in encrypted form on >>> ext4 boot partition. So enable CONFIG_CMD_EXT4_WRITE in case of Secure >>> boot. >>> >>> Signed-off-by: Sumit Garg <[email protected]> >>> --- >>> >>> Changes in v2: >>> Instead of adding CMD_EXT4_WRITE option in each defconfig, added this >>> option in Kconfig. >>> >>> board/freescale/common/Kconfig | 2 ++ >>> 1 file changed, 2 insertions(+) >>> >>> diff --git a/board/freescale/common/Kconfig >>> b/board/freescale/common/Kconfig index 53b606e..3496eed 100644 >>> --- a/board/freescale/common/Kconfig >>> +++ b/board/freescale/common/Kconfig >>> @@ -6,6 +6,8 @@ config CHAIN_OF_TRUST >>> select SPL_BOARD_INIT if (ARM && SPL) >>> select SHA_HW_ACCEL >>> select SHA_PROG_HW_ACCEL >>> + select CMD_EXT4 >>> + select CMD_EXT4_WRITE >>> bool >>> default y >> >> Are you going to need this for all PowerPC platforms? This changes increases >> 3K >> in text section. >> >> Will Ruchika confirm? >> >> York > > We don't need this option on PowerPC platforms as we currently don't support > distro > boot on PowerPC platforms. So we can enable this option for ARM platforms > only.
Please update the patch to enable these options selectively. York _______________________________________________ U-Boot mailing list [email protected] https://lists.denx.de/listinfo/u-boot
